Re: [users@httpd] multiple vhosts on port 80 and port 443

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,
let us know if the second HTTPS Vhost works with second certificate, i think it is not possible to have a second namebased HTTPS vhost, because the SSL handshake is done before Apache recieves the GET request and the host header. 

regards



joe pond schrieb:
I noticed on 10/19/2006 several postings about this. I may have included too much stuff but some folks may need the info.
The following configuration setup enables me to have multiple vhost on port 80 and multiple vhosts on port 443 and I can require login/password or not for eithe port 80 or port 443.
The non-matching server name on the 2nd 443 host would seem to be resolveable by creating another certificate with that servers name in it but I have not tried that yet. 

HTH

digger920


Apache2.2.X, SSL, Vhosts

I use include files to make troubleshooting a bit easier.
This is a WAMP server BTW.

In httpd.conf

Listen 192.168.10.4:80
Listen 192.168.10.4:443

LoadModule ssl_module modules/mod_ssl.so



# Virtual hosts
Include conf/extra/httpd-vhosts.conf

# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf

<IfModule ssl_module>
SSLMutex default
SSLSessionCache none
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

========================

In httpd-vhosts.conf

NameVirtualHost *:80

<VirtualHost *:80>
   ServerAdmin whoever@where-ever
   ServerName juneau
   DocumentRoot "C:/Server/Apache2.2/htdocs"

   #ErrorLog logs/dummy-host.example.com-error_log
   #CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>

<VirtualHost *:80>
   ServerAdmin whoever@where-ever
   ServerName ASite
   #ServerAlias Test1
   DocumentRoot "C:/Server/Apache2.2/htdocs/www/A-Site"

   #ErrorLog logs/dummy-host2.example.com-error_log
   #CustomLog logs/dummy-host2.example.com-access_log common
</VirtualHost>

<VirtualHost *:80>
   ServerAdmin whoever@where-ever
   ServerName secure
   DocumentRoot "C:/Locked"
   <Directory /Locked>
   AuthType Basic
   AuthName "Locked Test"
   AuthUserFile C:/Server/Apache2.2/htdocs/passwords/pwrd
   Require user testuser
   Order allow,deny
            Allow from all
   </Directory>
   #ErrorLog logs/dummy-host2.example.com-error_log
   #CustomLog logs/dummy-host2.example.com-access_log common
</VirtualHost>

==================================

In httpd-ssl.conf

NameVirtualHost *:443

##  SSL Global Context

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLSessionCache        shmcb:c:/server/apache2.2/logs/ssl_scache(512000)
SSLSessionCacheTimeout  300

## SSL Virtual Host Context

<VirtualHost *:443>

#   General setup for the virtual host
        ServerName juneau
        ServerAdmin whoever@where-ever
        DocumentRoot "c:/SecureToo/"

        <Directory /SecureToo>
            Order allow,deny
            Allow from all
        </Directory>


        ErrorLog c:/server/apache2.2/logs/vhost_SSL_error_log.log
        TransferLog c:/server/apache2.2/logs/vhost_SSL_access_log.log


#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL 

SSLCertificateFile c:/server/apache2.2/conf/ssl/juneau.crt

SSLCertificateKeyFile c:/server/apache2.2/conf/ssl/juneau.key

SSLCertificateChainFile c:/server/apache2.2/conf/ssl/juneau.crt

<FilesMatch "\.(cgi|shtml|phtml|php)$">
   SSLOptions +StdEnvVars
</FilesMatch>
<Directory "c:/server/apache2.2/cgi-bin">
   SSLOptions +StdEnvVars
</Directory>

BrowserMatch ".*MSIE.*" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0

CustomLog c:/server/apache2.2/logs/ssl_request_log \
         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

<VirtualHost *:443>
   ServerAdmin whoever@when-ever
   ServerName secure
   DocumentRoot "C:/Locked/"
   <Directory /Locked>
   AuthType Basic
   AuthName "Locked Test"
   AuthUserFile C:/Server/Apache2.2/htdocs/passwords/pwrd
   Require user jpond
   Order allow,deny
            Allow from all
   </Directory>
   #ErrorLog logs/dummy-host2.example.com-error_log
   #CustomLog logs/dummy-host2.example.com-access_log common
</VirtualHost>

_________________________________________________________________
Add a Yahoo! contact to Windows Live Messenger for a chance to win a free trip! http://www.imagine-windowslive.com/minisites/yahoo/default.aspx?locale=en-us&hmtagline 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project. 
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux